CCNA Security Lab 9 - Enabling SSH and HTTPS access to Cisco IOS...                          http://www.howtonetwork.net/public/1251print.cfm



         http://www.howtonetwork.net


          CCNA Security Lab 9 - Enabling SSH and HTTPS access to Cisco IOS Routers - CLI
          Lab 9

          Enabling SSH and HTTPS access to Cisco IOS Routers

          Lab Objective:

          The objective of this lab exercise is for you to learn and understand how to enable

          SSH and HTTPS access to Cisco IOS routers.

          Lab Purpose:

          SSH and HTTPS are secure management protocols that are recommended for remotely

          accessing and managing Cisco IOS devices. It is imperative to understand the

          configuration tasks required to enable SSH access in the Cisco IOS software

          suite.

          Lab Difficulty:

          This lab has a difficulty rating of 5/10.

          Readiness Assessment:

          When you are ready for your certification exam, you should complete this lab in

          no more than 10 minutes.

          Lab Topology:

          Please use the following topology to complete this lab:




           NOTE:



           If you do not have a Host in your lab, you can simply substitute Host 1 for another router with an Ethernet interface and
           a default static route pointing to 172.16.1.2.




          Lab 9 Configuration Tasks

          Task 1:

          Configure the hostname on R2 and IP addressing as illustrated in the diagram. In addition, configure Host 1 with the IP
          address specified and a default gateway of 172.16.1.2. Verify that Host 1 can ping R2 successfully.

          Task 2:

          Configure R2 with the domain name howtonetwork.net. In addition to this, configure R2 so that it generates a 2048-bit
          RSA key for maximum security.

          Task 3:

          Enable HTTPS support on R2. Ensure that only the 172.16.1.0/24 subnet can access the router via HTTPS. All attempts
          from any other subnet should be logged. In addition to this, configure R2 to only allow SSH connections without using an
          ACL.

          Task 4:

          Configure a username of ccna with a password of security on R2. This user should have Level 15 access to the router. In
          addition, R2 should authenticate all HTTPS and SSH sessions using the local router database.

          Task 5:

          Verify your configuration by accessing R2 via HTTPS and SSH.



          Lab 9 Configuration and Verification

          Task 1:

           Router(config)#hostname R2

           R2(config)#interface fastethernet0/0

           R2(config-if)#ip address 172.16.1.2 255.255.255.0

           R2(config-if)#no shutdown

           R2(config-if)#exit

           R2(config)#exit

           R2#




          Task 2:

           R2(config)#ip domain-name howtonetwork.net

           R2(config)#crypto key generate rsa

           The name for the keys will be: R2.howtonetwork.net

           Choose the size of the key modulus in the range of 360 to 2048 for your

            General Purpose Keys. Choosing a key modulus greater than 512 may take

            a few minutes.



           How many bits in the modulus [512]: 2048

           % Generating 2048 bit RSA keys, keys will be non-exportable...



           R2(config)#exit

           R2#

           R2#show crypto key mypubkey rsa








           % Key pair was generated at: 01:40:01 UTC Mar 1 2002

           Key name: TP-self-signed-3473940174

           Storage Device: private-config

           Usage: General Purpose Key

           Key is not exportable.

           Key Data:


           % Key pair was generated at: 08:01:11 UTC Mar 1 2002

           Key name: TP-self-signed-3473940174.server

           Temporary key

           Usage: Encryption Key

           Key is not exportable.

           Key Data:


           % Key pair was generated at: 08:27:21 UTC Mar 1 2002

           Key name: R2.howtonetwork.net

           Storage Device: not specified

           Usage: General Purpose Key

           Key is not exportable.

           Key Data:


          Task 3:

           R2(config)#access-list 10 remark "This is my HTTPS ACL"

           R2(config)#access-list 10 permit 172.16.1.0 0.0.0.255

           R2(config)#access-list 10 deny any log








           R2(config)#ip http secure-server

           R2(config)#ip http access-class 10

           R2(config)#line vty 0 4

           R2(config-line)#transport input ssh

           R2(config-line)#exit

           R2(config)#exit

           R2#
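
How the Task 3 ACL decides which sources reach the HTTPS server and which rejections are logged, as an added example that is not part of the original lab. The function names are illustrative; the ACL text is copied from the commands above and the test addresses are constructed.

```python
import ipaddress

# ACL lines exactly as entered in Task 3 of the lab.
ACL_10 = """\
access-list 10 remark "This is my HTTPS ACL"
access-list 10 permit 172.16.1.0 0.0.0.255
access-list 10 deny any log
"""

# Same ACL without the explicit last line (constructed for comparison).
ACL_10_NO_EXPLICIT_DENY = "access-list 10 permit 172.16.1.0 0.0.0.255\n"


def parse_standard_acl(text, number):
    """Return the ordered entries (action, base, wildcard, log) of one
    numbered standard ACL. Remark lines carry no match logic and are skipped."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if tok[:2] != ["access-list", str(number)] or len(tok) < 4:
            continue
        action = tok[2]
        if action not in ("permit", "deny"):
            continue
        rest = tok[3:]
        log = rest[-1] == "log"
        if log:
            rest = rest[:-1]
        if not rest:
            continue  # malformed entry: no source given
        if rest == ["any"]:
            base, wildcard = 0, 0xFFFFFFFF
        elif rest[0] == "host" and len(rest) > 1:
            base, wildcard = int(ipaddress.IPv4Address(rest[1])), 0
        else:
            base = int(ipaddress.IPv4Address(rest[0]))
            # A source with no wildcard mask matches that single host.
            wildcard = int(ipaddress.IPv4Address(rest[1])) if len(rest) > 1 else 0
        entries.append((action, base, wildcard, log))
    return entries


def evaluate(entries, source):
    """First matching entry wins. Returns (action, logged)."""
    src = int(ipaddress.IPv4Address(source))
    for action, base, wildcard, log in entries:
        # Wildcard bits set to 1 are ignored; all other bits must equal the base.
        care = ~wildcard & 0xFFFFFFFF
        if (src & care) == (base & care):
            return action, log
    # Nothing matched: the implicit deny at the end of every ACL applies,
    # and it produces no log message.
    return "deny", False


def rejected_and_logged(entries, sources):
    """Sources that are denied AND generate a log entry."""
    return [s for s in sources if evaluate(entries, s) == ("deny", True)]


if __name__ == "__main__":
    lab = parse_standard_acl(ACL_10, 10)
    bare = parse_standard_acl(ACL_10_NO_EXPLICIT_DENY, 10)
    for addr in ("172.16.1.50", "172.16.2.1", "10.0.0.1"):
        print(addr, "lab ACL:", evaluate(lab, addr), "without explicit deny:", evaluate(bare, addr))
```

The comparison shows why the lab ends the ACL with `deny any log`: the implicit deny blocks the same sources but does not satisfy the logging requirement.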

          Task 4:

           R2(config)#username ccna privilege 15 secret security

           R2(config)#ip http authentication local

           R2(config)#line vty 0 4

           R2(config-line)#login local

           R2(config-line)#exit

           R2(config)#exit

           R2#

          Task 5:

          To verify SSH, you need an SSH client, such as PuTTY — for example:








          To verify HTTPS access, all you need is a simple Web Browser:








          Lab 9 Configurations

          R2 Configuration

           R2#show run

           Building configuration...



           Current configuration : 2666 bytes

           !

           version 12.4

           service timestamps debug datetime msec

           service timestamps log datetime msec

           no service password-encryption

           !

           hostname R2

           !

           boot-start-marker

           boot-end-marker

           !

           no logging console

           !

           no aaa new-model

           no network-clock-participate slot 1

           no network-clock-participate wic 0

           ip cef








           !

           !

           !

           !

           no ip domain lookup

           ip domain name howtonetwork.net

           !

           multilink bundle-name authenticated

           !

           !

           crypto pki trustpoint TP-self-signed-3473940174

           enrollment selfsigned

           subject-name cn=IOS-Self-Signed-Certificate-3473940174

           revocation-check none

           rsakeypair TP-self-signed-3473940174

           !

           !

           crypto pki certificate chain TP-self-signed-3473940174

           certificate self-signed 03


                  quit

           !

           !








           username ccna privilege 15 secret 5 $1$AMJ7$Jhs/IcLaJsecnzlaKZCl91

           archive

           log config

               hidekeys

           !

           !

           !

           !

           !

           !

           !

           interface FastEthernet0/0

           ip address 172.16.1.2 255.255.255.0

           duplex auto

           speed auto

           !

           interface Serial0/0

           no ip address

           !

           ip forward-protocol nd

           !

           !

           ip http server

           ip http access-class 10

           ip http authentication local

           ip http secure-server

           !

           access-list 10 remark "This is my HTTPS ACL"

           access-list 10 permit 172.16.1.0 0.0.0.255

           access-list 10 deny   any log

           !

           !

           !

           !

           control-plane

           !

           !

           !

           line con 0

           line aux 0

           line vty 0 4








           password cisco

           login local

           transport input ssh

           !

           !

           end
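
A management-plane check run over the R2 configuration above, as an added example that is not part of the original lab. The check names and the `audit` function are illustrative; the excerpt keeps only the lines the checks read, with sub-command indentation written as IOS prints it.

```python
import re

# Excerpt of the R2 running-config shown on this page.
R2_CONFIG = """\
no service password-encryption
hostname R2
ip domain name howtonetwork.net
ip http server
ip http access-class 10
ip http authentication local
ip http secure-server
access-list 10 remark "This is my HTTPS ACL"
access-list 10 permit 172.16.1.0 0.0.0.255
access-list 10 deny   any log
line con 0
line aux 0
line vty 0 4
 password cisco
 login local
 transport input ssh
end
"""

# Constructed variant with the three findings remediated.
HARDENED = (R2_CONFIG
            .replace("ip http server\n", "no ip http server\n")
            .replace(" password cisco\n", "")
            .replace("line con 0\n", "ip ssh version 2\nline con 0\n"))

FINDINGS = {
    "HTTP_CLEARTEXT": "HTTPS is on but plain HTTP is still enabled; use 'no ip http server'",
    "HTTP_AUTH_NOT_LOCAL": "'ip http authentication local' is missing",
    "HTTP_NO_ACL": "no 'ip http access-class' restricts who can reach the web server",
    "HTTP_ACL_UNDEFINED": "'ip http access-class' points at an ACL with no permit/deny entries",
    "HTTP_ACL_DENY_NOT_LOGGED": "ACL does not end in 'deny any log'; rejected sources are not logged",
    "SSH_VERSION_UNPINNED": "without 'ip ssh version 2', IOS 12.4 also accepts SSHv1",
    "VTY_NON_SSH_TRANSPORT": "a vty line lacks 'transport input ssh'",
    "VTY_LOGIN_NOT_LOCAL": "a vty line lacks 'login local'",
    "VTY_CLEARTEXT_PASSWORD": "cleartext line password left in the config; use 'no password'",
}


def parse_sections(config):
    """Map each top-level line to the list of its indented sub-commands."""
    sections, current = {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw[0] == " " and current is not None:
            sections[current].append(" ".join(raw.split()))
        else:
            current = " ".join(raw.split())  # collapse runs of spaces
            sections[current] = []
    return sections


def audit(config):
    """Return the sorted list of finding ids that apply to this config."""
    sec = parse_sections(config)
    top = set(sec)
    hits = set()

    https = "ip http secure-server" in top
    if https and "ip http server" in top:
        hits.add("HTTP_CLEARTEXT")
    if https and "ip http authentication local" not in top:
        hits.add("HTTP_AUTH_NOT_LOCAL")

    matches = (re.fullmatch(r"ip http access-class (\d+)", line) for line in sec)
    acl = next((m.group(1) for m in matches if m), None)
    if https and acl is None:
        hits.add("HTTP_NO_ACL")
    elif acl is not None:
        # sec preserves file order, so rules[-1] is the ACL's last entry.
        rules = [l for l in sec if re.match(rf"access-list {acl} (permit|deny) ", l)]
        if not rules:
            hits.add("HTTP_ACL_UNDEFINED")
        elif rules[-1] != f"access-list {acl} deny any log":
            hits.add("HTTP_ACL_DENY_NOT_LOGGED")

    if "ip ssh version 2" not in top:
        hits.add("SSH_VERSION_UNPINNED")

    for name, kids in sec.items():
        if not name.startswith("line vty"):
            continue
        if "transport input ssh" not in kids:
            hits.add("VTY_NON_SSH_TRANSPORT")
        if "login local" not in kids:
            hits.add("VTY_LOGIN_NOT_LOCAL")
        if any(re.match(r"password (?!7 )", k) for k in kids):
            hits.add("VTY_CLEARTEXT_PASSWORD")
    return sorted(hits)


if __name__ == "__main__":
    for label, cfg in (("lab config", R2_CONFIG), ("hardened", HARDENED)):
        print(label)
        for fid in audit(cfg) or ["(no findings)"]:
            print("  ", fid, FINDINGS.get(fid, ""))
```

The lab configuration passes the Task 3 and Task 4 requirements, yet the checks still report the HTTP server left enabled next to HTTPS, the unpinned SSH version, and the unused `password cisco` on the vty lines.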



                             © 2006-2011 HowtoNetwork.net All Rights Reserved. Reproduction without permission prohibited.




9 of 9                                                                                                                         02/06/2011 8:18 SA

 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 

Dernier (20)

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 

CCNA Security Lab 9 - Enabling SSH and HTTPS access to Cisco IOS Routers - CLI

http://www.howtonetwork.net/public/1251print.cfm
http://www.howtonetwork.net
02/06/2011 8:18 SA

Lab 9

Enabling SSH and HTTPS access to Cisco IOS Routers

Lab Objective:

The objective of this lab exercise is for you to learn and understand how to enable SSH and HTTPS access to Cisco IOS routers.

Lab Purpose:

SSH and HTTPS are secure management protocols that are recommended for remotely accessing and managing Cisco IOS devices. It is imperative to understand the configuration tasks required to enable SSH access in the Cisco IOS software suite.

Lab Difficulty:

This lab has a difficulty rating of 5/10.

Readiness Assessment:

When you are ready for your certification exam, you should complete this lab in no more than 10 minutes.

Lab Topology:

Please use the following topology to complete this lab:

NOTE:

If you do not have a Host in your lab, you can simply substitute Host 1 for another router with an Ethernet interface and a default static route pointing to 172.16.1.2.

Lab 9 Configuration Tasks

Task 1:

Configure the hostname on R2 and IP addressing as illustrated in the diagram. In addition, configure Host 1 with the IP address specified and a default gateway of 172.16.1.2. Verify that Host 1 can ping R2 successfully.

Task 2:

Configure R2 with the domain name howtonetwork.net. In addition to this, configure R2 so that it generates a 2048-bit RSA key for maximum security.

Task 3:

Enable HTTPS support on R2. Ensure that only the 172.16.1.0/24 subnet can access the router via HTTPS. All attempts from any other subnet should be logged. In addition to this, configure R2 to only allow SSH connections without using an ACL.

Task 4:

Configure a username of ccna with a password of security on R2. This user should have Level 15 access to the router. In addition, R2 should authenticate all HTTPS and SSH sessions using the local router database.

Task 5:

Verify your configuration by accessing R2 via HTTPS and SSH.

Lab 9 Configuration and Verification

Task 1:

Router(config)#hostname R2
R2(config)#interface fastethernet0/0
R2(config-if)#ip address 172.16.1.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#exit
R2#

Task 2:

R2(config)#ip domain-name howtonetwork.net
R2(config)#crypto key generate rsa
The name for the keys will be: R2.howtonetwork.net
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...
R2(config)#exit
R2#
R2#show crypto key mypubkey rsa
% Key pair was generated at: 01:40:01 UTC Mar 1 2002
Key name: TP-self-signed-3473940174
 Storage Device: private-config
 Usage: General Purpose Key
 Key is not exportable.
 Key Data:
  [hex key data omitted]
% Key pair was generated at: 08:01:11 UTC Mar 1 2002
Key name: TP-self-signed-3473940174.server
Temporary key
 Usage: Encryption Key
 Key is not exportable.
 Key Data:
  [hex key data omitted]
% Key pair was generated at: 08:27:21 UTC Mar 1 2002
Key name: R2.howtonetwork.net
 Storage Device: not specified
 Usage: General Purpose Key
 Key is not exportable.
 Key Data:
  [hex key data omitted]

Task 3:

R2(config)#access-list 10 remark "This is my HTTPS ACL"
R2(config)#access-list 10 permit 172.16.1.0 0.0.0.255
R2(config)#access-list 10 deny any log
R2(config)#ip http secure-server
R2(config)#ip http access-class 10
R2(config)#line vty 0 4
R2(config-line)#transport input ssh
R2(config-line)#exit
R2(config)#exit
R2#

Task 4:

R2(config)#username ccna privilege 15 secret security
R2(config)#ip http authentication local
R2(config)#line vty 0 4
R2(config-line)#login local
R2(config-line)#exit
R2(config)#exit
R2#

Task 5:

To verify SSH, you need an SSH client, such as PuTTY, for example:

To verify HTTPS access, all you need is a simple Web Browser:

Lab 9 Configurations

R2 Configuration

R2#show run
Building configuration...

Current configuration : 2666 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
no ip domain lookup
ip domain name howtonetwork.net
!
multilink bundle-name authenticated
!
!
crypto pki trustpoint TP-self-signed-3473940174
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3473940174
 revocation-check none
 rsakeypair TP-self-signed-3473940174
!
!
crypto pki certificate chain TP-self-signed-3473940174
 certificate self-signed 03
  [hex certificate data omitted]
  quit
!
!
username ccna privilege 15 secret 5 $1$AMJ7$Jhs/IcLaJsecnzlaKZCl91
archive
 log config
  hidekeys
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 172.16.1.2 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
!
ip forward-protocol nd
!
!
ip http server
ip http access-class 10
ip http authentication local
ip http secure-server
!
access-list 10 remark "This is my HTTPS ACL"
access-list 10 permit 172.16.1.0 0.0.0.255
access-list 10 deny any log
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login local
 transport input ssh
!
!
end

© 2006-2011 HowtoNetwork.net All Rights Reserved. Reproduction without permission prohibited.
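The final R2 configuration above still carries "ip http server" next to "ip http secure-server", and a "password cisco" line under "line vty 0 4" that "login local" leaves unused. The following is an added example, not part of the original lab: a small Python audit of a running-config for the settings Tasks 3 and 4 configure. The function names are hypothetical, and the embedded config is an excerpt of the lab's own "show run" output.

```python
import re

# Added example (hypothetical helper names); not part of the original lab.
# Management-plane lines excerpted from the R2 running-config in this lab.
LAB_CONFIG = """\
ip http server
ip http access-class 10
ip http authentication local
ip http secure-server
access-list 10 permit 172.16.1.0 0.0.0.255
access-list 10 deny any log
line vty 0 4
 password cisco
 login local
 transport input ssh
"""

def parse_sections(config):
    """Map each top-level line to the list of its indented sub-commands."""
    sections, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if raw[0].isspace() and current is not None:
            sections[current].append(line)
        else:
            current = line
            sections[current] = []
    return sections

def audit_mgmt_plane(config):
    """Return findings for the SSH/HTTPS settings this lab configures."""
    top = parse_sections(config)
    findings = []
    if "ip http secure-server" not in top:
        findings.append("HTTPS server not enabled")
    if "ip http server" in top:
        findings.append("cleartext HTTP server enabled alongside HTTPS")
    if "ip http authentication local" not in top:
        findings.append("HTTP(S) logins do not use the local user database")
    acl = re.search(r"^ip http access-class (\d+)", config, re.M)
    if acl is None:
        findings.append("no access-class on the HTTP(S) server")
    elif f"access-list {acl.group(1)} deny any log" not in top:
        findings.append(f"ACL {acl.group(1)} does not log denied sources")
    vty = {n: c for n, c in top.items() if n.startswith("line vty")}
    for name, cmds in vty.items():
        if "transport input ssh" not in cmds:
            findings.append(f"{name}: transport not restricted to SSH")
        if "login local" not in cmds:
            findings.append(f"{name}: logins do not use the local user database")
        elif any(c.startswith("password ") for c in cmds):
            findings.append(f"{name}: line password left in config but unused")
    return findings
```

Run against the lab excerpt, audit_mgmt_plane(LAB_CONFIG) reports the cleartext HTTP server and the leftover vty line password; with "no ip http server" and the line password removed it returns no findings.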